Use of AIDE, Tripwire on Proxmox VE nodes

[Libero_AT]

Hello everyone,

I am reviewing log and file integrity monitoring options for Proxmox VE hosts, especially for detecting possible tampering with system logs or important configuration files.

We are considering standard file integrity monitoring tools such as AIDE or Tripwire. We understand that these are Debian packages and not Proxmox-specific tools, but we would like to confirm whether they are appropriate to use on Proxmox VE nodes.

My questions are:

• Is it common practice to install such file integrity monitoring tools on Proxmox VE nodes? Specifically, are there any known negative impacts when running these tools on Proxmox VE hosts, for example on Proxmox VE services, cluster configuration, package updates, etc.?
• Are AIDE, Tripwire, or similar Debian file integrity monitoring tools available through the standard Debian repositories normally configured on a Proxmox VE installation?
• From a Proxmox support perspective, is installing such Debian-standard monitoring tools generally considered acceptable, as long as they are installed from standard repositories?

If there is any mention in the official documentation, or in previous forum threads that clarify this, I would be grateful if you could share them.

Thank you in advance.

 

[JTY]

While I haven't used AIDE or Tripwire on Proxmox hosts, I do run Wazuh which performs similar function among other things. I've been using it for years on Proxmox and other servers without any issues.